<?php
/*
 This file provides the functions to deal with User Issues
 */
include_once 'dbconfig.php';

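/**
 * Data-access helper for the member, admin, landlord and tenant tables.
 *
 * Every method runs on the default link of the legacy mysql_* extension that
 * the constructor opens, so the class only works where that extension exists.
 *
 * Security notes:
 *  - Every caller-supplied value is escaped with mysql_real_escape_string()
 *    (quoted contexts) or cast to int (unquoted numeric contexts) before it is
 *    placed in SQL. Escaping depends on the connection character set; it should
 *    be set explicitly with mysql_set_charset() where the link is configured.
 *    Moving to prepared statements (mysqli or PDO) is the durable fix.
 *  - NOTE(review): member_password is stored and compared exactly as the
 *    caller passes it. If callers pass plaintext, passwords sit in the table
 *    in the clear; confirm they are hashed (password_hash/password_verify)
 *    before reaching this class.
 *  - Query failures are written to the server error log; the client only sees
 *    a generic message, never the raw MySQL error text.
 */
class User {

    /**
     * Constructor (PHP 4 style name, kept so existing callers and subclasses
     * keep working): connects to the server and selects the database using the
     * constants defined in dbconfig.php.
     */
    function User() {
        $link = mysql_connect(DBSERVER, DBUSER, DBPASS);
        if ($link === false || !mysql_select_db(DBNAME)) {
            // Do not echo connection details; leave a trace for the operator.
            error_log('User: database connection or database selection failed');
        }
    }

    /**
     * Escapes a value for use inside a single-quoted SQL string literal.
     */
    private function esc($value) {
        return mysql_real_escape_string((string) $value);
    }

    /**
     * Runs a query and terminates the request if it fails.
     *
     * The MySQL error goes to the server log only, because table and column
     * names in error text help an attacker map the schema.
     *
     * @return mixed result resource for SELECT, true for write statements
     */
    private function query_or_die($sql) {
        $result = mysql_query($sql);
        if ($result === false) {
            error_log('User: query failed: ' . mysql_error());
            die('A database error occurred.');
        }
        return $result;
    }

    /**
     * Returns one column of the first row of a result, or null when the query
     * failed or matched nothing.
     */
    private function first_field($result, $field) {
        $row = $result ? mysql_fetch_assoc($result) : false;
        return $row ? $row[$field] : null;
    }

    /**
     * Collects every row of a SELECT into a list of associative arrays.
     * Returns an empty array when the query fails or matches nothing.
     */
    private function fetch_all($sql) {
        $rows = array();
        $result = mysql_query($sql);
        if ($result) {
            while ($row = mysql_fetch_assoc($result)) {
                $rows[] = $row;
            }
        }
        return $rows;
    }

    /**
     * Looks up one member column for a name/password pair.
     *
     * $column is always a literal supplied by this class, never caller input.
     *
     * @return mixed false for an empty username, null when no row matches
     */
    private function credential_field($column, $username, $password) {
        if ($username == "") {
            return false;
        }
        $sql = "SELECT " . $column . " FROM member WHERE member_name = '" . $this->esc($username)
             . "' AND member_password = '" . $this->esc($password) . "'";
        return $this->first_field(mysql_query($sql), $column);
    }

    /**
     * Prints the notice and meta refresh shown after a successful registration.
     */
    private function print_registration_success() {
        echo "<div id=\"box1\"><div id=\"box\">";
        echo "<br><br>Registration Successful<br>";
        echo "The webpage will be redirected in 5 seconds, if not, please click <a href='login.php'>HERE</a> to Login</div></div>";
        echo "<meta http-equiv='refresh' content='5; URL=login.php'>";
    }

    /**
     * Counts the member rows that carry the given name.
     */
    function get_member_rows($name) {
        $sql = "SELECT * FROM member where member_name='" . $this->esc($name) . "'";
        $query = mysql_query($sql);
        return $query ? mysql_num_rows($query) : false;
    }

    /**
     * Returns member_name when the name/password pair matches a row.
     */
    function get_user_name($username, $password) {
        return $this->credential_field('member_name', $username, $password);
    }

    /**
     * Returns member_type when the name/password pair matches a row.
     */
    function get_member_type($username, $password) {
        return $this->credential_field('member_type', $username, $password);
    }

    /**
     * Returns member_id when the name/password pair matches a row.
     */
    function get_member_id($username, $password) {
        return $this->credential_field('member_id', $username, $password);
    }

    /**
     * Returns the stored member_password when the name/password pair matches.
     *
     * NOTE(review): this hands the stored credential back to the caller; make
     * sure it is never echoed, logged or placed in a session.
     */
    function get_member_password($username, $password) {
        return $this->credential_field('member_password', $username, $password);
    }

    /**
     * Lists all members with member_type 3. $type is accepted but not used.
     *
     * The rows come from SELECT *, so they include member_password; callers
     * should not pass them to templates or JSON output unfiltered.
     */
    function get_tenant_info($type) {
        return $this->fetch_all("SELECT * FROM member WHERE member_type=3");
    }

    /**
     * Lists all members with member_type 2. $type is accepted but not used.
     * Rows include member_password (SELECT *).
     */
    function get_landlord_info($type) {
        return $this->fetch_all("SELECT * FROM member WHERE member_type=2");
    }

    /**
     * Lists all members with member_type 2 or 3. Rows include member_password.
     */
    function get_all_member_info() {
        return $this->fetch_all("SELECT * FROM member WHERE member_type=2 OR member_type=3");
    }

    /**
     * Returns the profile columns of one member, wrapped in a one-element
     * array. The element is false when no row matches.
     */
    function get_member_info($member_id) {
        $sql = "SELECT member_id,member_name,member_email, member_ic, member_hp, member_score, register_time FROM member WHERE member_id = '"
             . $this->esc($member_id) . "'";
        $result = mysql_query($sql);
        $row = $result ? mysql_fetch_assoc($result) : false;
        return array($row);
    }

    /**
     * Maps a member id to its admin id (null when the member is not an admin).
     */
    function get_admin_id($user_id)
    {
        $sql = "SELECT admin_id from admin where member_id='" . $this->esc($user_id) . "'";
        return $this->first_field($this->query_or_die($sql), 'admin_id');
    }

    /**
     * Maps a member id to its landlord id.
     */
    function get_landlord_id($user_id)
    {
        $sql = "SELECT landlord_id from landlord where member_id='" . $this->esc($user_id) . "'";
        return $this->first_field($this->query_or_die($sql), 'landlord_id');
    }

    /**
     * Maps a member id to its tenant id.
     */
    function get_tenant_id($user_id)
    {
        $sql = "SELECT tenant_id from tenant where member_id='" . $this->esc($user_id) . "'";
        return $this->first_field($this->query_or_die($sql), 'tenant_id');
    }

    /**
     * Returns the member name behind a landlord id.
     */
    function get_landlord_name($landlord_id)
    {
        $sql = "SELECT member.member_name from landlord, member where member.member_id = landlord.member_id AND landlord.landlord_id='"
             . $this->esc($landlord_id) . "'";
        return $this->first_field($this->query_or_die($sql), 'member_name');
    }

    /**
     * Maps an admin id back to its member id.
     */
    function admin_get_member_id($admin_id)
    {
        $sql = "SELECT member_id FROM admin WHERE admin_id = '" . $this->esc($admin_id) . "'";
        return $this->first_field(mysql_query($sql), 'member_id');
    }

    /**
     * Maps a landlord id back to its member id.
     */
    function landlord_get_member_id($landlord_id)
    {
        $sql = "SELECT member_id FROM landlord WHERE landlord_id = '" . $this->esc($landlord_id) . "'";
        return $this->first_field(mysql_query($sql), 'member_id');
    }

    /**
     * Maps a tenant id back to its member id.
     */
    function tenant_get_member_id($tenant_id)
    {
        $sql = "SELECT member_id FROM tenant WHERE tenant_id = '" . $this->esc($tenant_id) . "'";
        return $this->first_field(mysql_query($sql), 'member_id');
    }

    /**
     * Registers a member and, for type 2 or 3, the matching landlord or tenant
     * row, then prints the result notice. Any other type inserts the member
     * row only and prints nothing.
     *
     * NOTE(review): $type is written as supplied. If it comes straight from a
     * registration form, a caller can pick any member_type, including one the
     * application treats as privileged; the caller should restrict it to the
     * self-service values.
     * NOTE(review): the new member_id is looked up by name, which picks the
     * wrong row if member_name is not unique; mysql_insert_id() would avoid
     * that, assuming member_id is AUTO_INCREMENT - confirm against the schema.
     */
    function add_user($name, $password, $email, $ic, $hp, $type, $gender)
    {
        if ($name == "") {
            echo "<div id=\"box1\"><div id=\"box\">";
            echo "<br><br>Registration Failed<br>";
            echo "The webpage will be redirected to register page in 5 seconds, if not, please click <a href='register.php'>HERE</a> to Register Again</div></div>";
            echo "<meta http-equiv='refresh' content='5; URL=register.php'>";
            return;
        }

        $member_sql = "INSERT INTO member (member_name, member_gender, member_email, member_hp, member_ic, member_score, member_password, member_type, register_time) VALUES ('"
            . $this->esc($name) . "', '" . $this->esc($gender) . "', '" . $this->esc($email) . "', '"
            . $this->esc($hp) . "', '" . $this->esc($ic) . "', '0', '" . $this->esc($password) . "', '"
            . $this->esc($type) . "', now())";
        $this->query_or_die($member_sql);

        // The role table name is chosen from fixed literals, never from input.
        if ($type == 2) {
            $role_table = 'landlord';
        } else if ($type == 3) {
            $role_table = 'tenant';
        } else {
            return;
        }

        $select_sql = "SELECT member_id FROM member WHERE member_name='" . $this->esc($name) . "'";
        $member_id = $this->first_field(mysql_query($select_sql), 'member_id');

        $role_sql = "INSERT INTO " . $role_table . " (member_id) VALUES ('" . $this->esc($member_id) . "')";
        $this->query_or_die($role_sql);
        $this->print_registration_success();
    }

    /**
     * Returns member_type for a member id.
     */
    function get_type($member_id) {
        // Unquoted numeric context: the int cast is what keeps input out of the SQL grammar.
        $sql = "SELECT member_type FROM member WHERE member_id=" . (int) $member_id;
        return $this->first_field($this->query_or_die($sql), 'member_type');
    }

    /**
     * Deletes a member row. Performs no authorization check of its own; the
     * caller must verify that the current user may delete this member.
     */
    function delete_member($member_id)
    {
        $sql = "DELETE FROM member WHERE member_id=" . (int) $member_id;
        return $this->query_or_die($sql);
    }

    /**
     * Deletes the tenant row of a member. Authorization is the caller's job.
     */
    function delete_tenant($member_id)
    {
        $sql = "DELETE FROM tenant WHERE member_id=" . (int) $member_id;
        return $this->query_or_die($sql);
    }

    /**
     * Deletes the landlord row of a member. Authorization is the caller's job.
     */
    function delete_landlord($member_id)
    {
        $sql = "DELETE FROM landlord WHERE member_id=" . (int) $member_id;
        return $this->query_or_die($sql);
    }

    /**
     * Overwrites the profile fields and password of one member and prints the
     * result notice.
     *
     * The row is addressed by $member_id alone, so the caller must take that
     * id from the authenticated session rather than from request data.
     */
    function update_member($member_id, $name, $password, $email, $ic, $hp, $gender)
    {
        $sql = "UPDATE member SET member_name= '" . $this->esc($name) . "' , member_email= '" . $this->esc($email)
             . "' , member_hp= '" . $this->esc($hp) . "', member_ic= '" . $this->esc($ic)
             . "' , member_password= '" . $this->esc($password) . "' , member_gender= '" . $this->esc($gender)
             . "' WHERE member_id= '" . $this->esc($member_id) . "'";
        $result = $this->query_or_die($sql);
        if ($result) {
            echo "Update Successfully! <br>
		  The webpage will be redirected to homepage in 5 seconds, if not, please click 
                  <a href='index.php'>HERE</a>
		  <meta http-equiv='refresh' content='5; URL=index.php'>";
        }
        else {
            // Not reached while query_or_die() ends the request on failure; kept for parity.
            echo "Update Fail! <br>
                The webpage will be redirected to homepage in 5 seconds, if not, please click
                <a href='index.php'>HERE</a>
		<meta http-equiv='refresh' content='5; URL=index.php'>";
        }
    }

    /**
     * Sets a new password for the member with the given name.
     *
     * The current password is not checked here; the caller must have
     * authenticated the user (or validated a reset token) beforehand.
     */
    function update_password($username,$password)
    {
        $sql = "UPDATE member SET member_password = '" . $this->esc($password)
             . "' WHERE member_name = '" . $this->esc($username) . "'";
        $this->query_or_die($sql);
    }

    /**
     * Returns the e-mail address of the member behind a landlord id.
     */
    function get_landlord_email($landlord_id) {
        $sql = "SELECT member_email FROM member,landlord WHERE landlord.member_id=member.member_id AND landlord_id='"
             . $this->esc($landlord_id) . "'";
        return $this->first_field($this->query_or_die($sql), 'member_email');
    }

    /**
     * Returns the e-mail address of the member behind a tenant id.
     */
    function get_tenant_email($tenant_id) {
        // The join must tie tenant to member. The earlier self-comparison
        // (tenant.member_id=tenant.member_id) matched every member row, so the
        // address returned could belong to an unrelated member.
        $sql = "SELECT member_email FROM member,tenant WHERE tenant.member_id=member.member_id AND tenant_id='"
             . $this->esc($tenant_id) . "'";
        return $this->first_field($this->query_or_die($sql), 'member_email');
    }

    /**
     * Returns member_score for a member id (null when the lookup fails).
     */
    function get_score($member_id) {
        $sql = "SELECT member_score FROM member WHERE member_id = " . (int) $member_id;
        return $this->first_field(mysql_query($sql), 'member_score');
    }
}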
?>